External Card Repository (ECR) allows authentication via Card number without manually assigning the card number in SAFEQ Cloud Web UI or using Card enrollment at the MFD.

Technical details

If the ECR is set up in SAFEQ Cloud Web UI and allowed in at least one client provider, SAFEQ Cloud calls the External Card Repository URL as POST request with cardno parameter.

Example of ECR request:
curl -L 'https://external.card.repo:5000/cardinfo' -F 'cardno="1234567890123456"'

The content of the response should be in application/json format and should contain:

  • userName: String Username usually in form of an email address. It must be unique for each user. The field is mandatory.
  • [optional] fullName: String
  • [optional] email: String
  • [optional] department: String
  • [optional] expiration: Int Time in milliseconds, after which the user must log in again.
  • [optional] externalId: When integrating with Auth0, this field is mandatory. For other providers, this field is not used.
  • [optional] groups: list[Group] List of groups the user is a member of. The user will have access rights according to these groups.


  • dn: String The distinguished name of the group.
    The user in the SAFEQ Cloud database will be updated with all the provided fields. If an optional field is missing, it will not be updated.

Example response:

    "userName": "johndoe@domain.com",
    "fullName": "John Doe",
    "email": "johndoe@domain.com",
    "deparment": "Deparment",
    "expiration": "2592000",
    "externalId": "auth0|0123456789ABCDEF0123456"
    "groups": [
            "dn": "CN=Group1"
            "dn": "CN=Group2"


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment